Resolve CodeQL Alert #21 - Generated by GHA #23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Issue Trigger | |
on: | |
issues: | |
types: [opened, transferred, assigned] | |
jobs: | |
# Adds newly created issues onto project board in the default column 'New Issue Approval' | |
# unless overridden when issue has "LA website bot" in title, then 'Questions / In Review' | |
Add-Issue-To-Project-Board: | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'issues' && github.event.action == 'opened' }} | |
env: | |
COLUMN_NAME: ${{ contains(github.event.issue.title, 'Hack for LA website bot') && 'Questions / In Review' || 'New Issue Approval' }} | |
steps: | |
- name: Add issue to project board | |
id: add-issue-project-board | |
uses: alex-page/[email protected] | |
with: | |
project: Project Board | |
column: ${{ env.COLUMN_NAME }} | |
repo-token: ${{ secrets.HACKFORLA_BOT_PA_TOKEN }} | |
Add-Missing-Labels-To-Issues: | |
runs-on: ubuntu-latest | |
# Only trigger this action when an issue is newly created | |
if: ${{ github.event_name == 'issues' && (github.event.action == 'opened' || github.event.action == 'transferred')}} | |
steps: | |
- uses: actions/checkout@v4 | |
# Check if the issue has required labels | |
- name: Check Labels | |
id: check-labels | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const script = require('./github-actions/trigger-issue/add-missing-labels-to-issues/check-labels.js') | |
const checkLabels = script({g: github, c: context}) | |
return checkLabels | |
#Checks which teams the user is on | |
- uses: tspascoal/get-user-teams-membership@v3 | |
id: checkUserMember | |
with: | |
username: ${{ github.actor }} | |
organization: 'hackforla' | |
team: 'website-write' | |
GITHUB_TOKEN: ${{ secrets.TEAMS }} | |
# Checks if user is on the website-write-team | |
- if: ${{ steps.checkUserMember.outputs.isTeamMember == 'true' }} | |
# Post comment based on the previous action's results | |
name: Post Comment | |
uses: actions/github-script@v7 | |
id: post-comment | |
with: | |
script: | | |
const results = ${{ steps.check-labels.outputs.result }} | |
const script = require('./github-actions/trigger-issue/add-missing-labels-to-issues/post-labels-comment.js') | |
script({g: github, c:context}, results) | |
#Asking for preliminary update when issue is assigned | |
Ask-For-Preliminary-update: | |
runs-on: ubuntu-latest | |
#Triggers when the issue is newly assigned | |
if: ${{ github.event_name == 'issues' && github.event.action == 'assigned'}} | |
steps: | |
- uses: actions/checkout@v4 | |
# Check if the issue has the required roles | |
- name: Check Labels Prelim | |
uses: actions/github-script@v7 | |
id: check-labels-prelim | |
with: | |
script: | | |
const script = require('./github-actions/trigger-issue/add-preliminary-comment/check-label-preliminary-update.js') | |
const checklabels = script({g: github, c: context}) | |
return checklabels | |
# Post the comment based on the result of the previous step | |
- name: Post assigning issue comment | |
id: assigned-comment | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const results = ${{ steps.check-labels-prelim.outputs.result }} | |
const script = require('./github-actions/trigger-issue/add-preliminary-comment/preliminary-update-comment.js') | |
script({g: github, c:context},results) |